questionnaire regarding corporate governance …

QUESTIONNAIRE REGARDING CORPORATE GOVERNANCE PRACTICES DISCLOSED IN LISTED ISSUERS’ 2007 ANNUAL REPORTS

The Stock Exchange of Hong Kong Limited (the Exchange) is conducting its third annual review of the extent to which listed issuers comply with the Code on Corporate Governance Practices (the Code). This third annual review will examine corporate governance practices disclosed in listed issuers’ 2007 annual reports (i.e. annual reports that cover financial years ending in 2007).

Completing this questionnaire

To facilitate the Exchange’s review, all listed issuers are required to complete this questionnaire and return the completed questionnaire to the Exchange on or before 29 August 2008.

The completed questionnaire may be returned to the Exchange by one of the following methods:

post or hand delivery to 11/F, One International Finance Centre, 1 Harbour View Street, Central, Hong Kong; or

facsimile to (852) 2248 6950.

About this questionnaire

This questionnaire seeks information in respect of: (1) the extent to which issuers have adopted the code provisions (Sections 1 and 2); and (2) the extent to which issuers have adopted the recommended best practices (Section 3).

It is mandatory to respond to Sections 1 and 2. You are encouraged also to respond to Section 3. The Exchange will keep responses to Section 3 confidential and publish them only on a consolidated and no-names basis. We will use the information to monitor the development of corporate governance practices in Hong Kong.

Please note that your responses to the questions in the questionnaire should reflect the disclosures made in your 2007 annual report in compliance with Main Board Listing Rule 3.25 or GEM Listing Rule 5.34, as applicable.

Before it is submitted, the completed questionnaire must be reviewed by one of the following: your Chairman; your Chief Executive; or your Chief Financial Officer. That person should ensure that they agree with the proposed answers to the questionnaire.

To be clear, references in this questionnaire to “you” and “your” mean the issuer / the issuer’s e.g. a question that asks “did you fully comply…?” means “did the issuer on whose behalf this questionnaire is completed fully comply …?”.

Should you have any questions or wish to discuss any aspect of the questionnaire, please contact the Listing Division on (852) 2840-3755.

2

Issuer information

Name of issuer:

Stock code:

Name:

Signature:

Position title:

Com

plet

ed b

y:

Telephone number:

Name:

Signature:

Position title: Chairman / Chief Executive / Chief Financial Officer (strike through the positions that are not relevant) R

evie

wed

by:

Telephone number:

3

Section 1: Code provisions

For Section 1, please note:

• an issuer fully complies with a code provision only if it fully complies for the full financial year;

• the Code provides that where an issuer deviates from a code provision, the issuer must give considered reasons for the deviation; and

• if there is more than one limb to the code provision, please be clear about which limb was deviated from and the reason for deviation in respect of each relevant limb.

1.1 Did you fully comply with all of the code provisions for the 2007 financial year?

Yes (please go to Sections 2 and 3)

No (please continue with the rest of Section 1 of the questionnaire before going to Sections 2 and 3)

1.2 Please indicate below which of the code provisions you did not fully comply with (i.e. from which you deviated).

(Please then answer the detailed questions about those code provisions e.g. if you only deviated from code provision A.1.1 you should list only code provision A.1.1 in the following table and then you need only complete question 2 before moving to Section 2 of this questionnaire.)

We deviated from the code provisions listed below:

1 (e.g. A.1.1) 11

2 12

3 13

4 14

5 15

6 16

7 17

8 18

9 19

10 20

4

1.3 For each of the code provisions that you did NOT fully comply with (as set out in response to question 1.2 above), please indicate which of (a) to (c) best applies. (Please tick the appropriate cell.)

Not fully comply and you stated in your 2007 annual report that:

Code provision

(a) you had rectified the deviation during the 2007 financial year

(b) you proposed to rectify the deviation

(c) you decided not to follow the code provision

(If this part applies to you, please answer question 1.4.)

Directors

A.1.1

A.1.2

A.1.3

A.1.4

A.1.5

A.1.6

A.1.7

A.1.8

A.2.1

A.2.2

A.2.3

A.3.1

A.4.1

A.4.2

A.5.1

A.5.2

A.5.3

A.5.4

A.6.1

A.6.2

A.6.3

Remuneration of directors and senior management

B.1.1

B.1.2

B.1.3

B.1.4

B.1.5

5

Internal controls

C.1.1

C.1.2

C.1.3

C.2.1

C.3.1

C.3.2

C.3.3

C.3.4

C.3.5

C.3.6

Delegation by the board

D.1.1

D.1.2

D.2.1

D.2.2

Communication with shareholders

E.1.1

E.1.2

E.2.1

E.2.2

E.2.3

1.4 If you decided not to follow any code provision in your 2007 financial year (as indicated by checking box (c) in response to question 1.3 above), please state the reason given in your annual report for the deviation:

Code provision

Reason for deviation (as set out in your annual report) (If you need more space, please attach additional pages)

(e.g. A.1.1)

6

Code provision

Reason for deviation (as set out in your annual report) (If you need more space, please attach additional pages)

Section 2: More detail about code provision C.2.1

Code provision C.2.1 requires that the directors of every issuer should, at least annually, conduct a review of the effectiveness of the system of internal control of the issuer and its subsidiaries.

2.1 During the 2007 financial year, how often did you conduct the required review?

not at all (i.e. we did not comply with code provision C.2.1)

annually

half-yearly

quarterly

other frequency – if so, then how many times during the year?

2.2 Who was tasked with undertaking the review/s? (For example, your internal audit function, an independent third party etc.)

________________________________________________________________________ ________________________________________________________________________

2.3 How did you and your subsidiaries undertake the reviews? Tick whichever of the boxes applies. More than one box may be ticked.

used a risk-based approach

assessed compliance against established written internal control policies

referred to the internal control framework enunciated by the Committee of Sponsoring Organizations of the Treadway Commission (COSO)

referred to the HKICPA guidance on internal controls

referred to other material such as the Turnbull Guidance and/or the requirements of the Sarbanes-Oxley Act of 2002

issued a questionnaire to relevant staff and/or conducted interviews

other – if so, specify below

7

________________________________________________________________________ ________________________________________________________________________

2.4 By contrast to your experience in previous years, what were the most significant challenges to undertaking the review?

________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________

2.5 Again by contrast to your experience in previous years, what resources were required to undertake the review (e.g. what was the required time commitment)?

________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________

Section 3: Recommended best practices

3.1 For each of the following recommended best practices (RBP) did you comply for the full 2007 financial year? If not, please give the reason for deviation.

Please tick the appropriate column: RBP RBP not applicable1

We complied

We did not comply but have since rectified the deviation

We did not comply and have not rectified the deviation

If you did not comply (save where the RBP was not applicable) and have not rectified the deviation, why did you not comply?

A.1.9

A.1.10

A.2.4

A.2.5

A.2.6

A.2.7

1 Some RBPs may be not applicable to some issuers. That is because some of the RBPs work

together such that, if an issuer deviates from one RBP, one or more others may not apply. For example, if a Main Board issuer does not adopt quarterly reporting in accordance with RBP C.1.4, then it is likely that RBP C.1.5 will be inapplicable.

8


We complied




A.2.8

A.2.9

A.3.2

A.3.3

A.4.3

A.4.4

A.4.5

A.4.6

A.4.7

A.4.8

A.5.5

A.5.6

A.5.7

A.5.8

B.1.6

B.1.7

B.1.8

C.1.4

9


We complied




C.1.5

C.2.2

C.2.3

C.2.4

C.2.5

C.3.7

D.1.3

D.1.4

End of questionnaire

Professional

Accountants in

Business

Committee

International Good Practice Guidance

Defining and Developing an Effective Code of Conduct for Organizations

Foreword All professional accountants, whether in practice or working in commercial or public sector organizations, are bound to uphold high ethical standards under the Code of Ethics for Professional Accountants issued by the International Federation of Accountants (IFAC). Noting that Professional Accountants in Business (PAIB) play an important role in organizations, whether as CFOs, in compliance, internal control and risk management, or at the board level as executive/independent directors and members of audit committees, the IFAC PAIB Committee took the view that it is at least equally important that the organizations in which PAIBs work should have a code of conduct to establish the principles of good corporate ethical behaviour and the organization’s values, and how the board, management and staff are expected to uphold and practise them. This need has been reinforced by some high-profile corporate scandals and failures, in recent years, where ethics, integrity and values have been swept aside in the rush for financial gain, or to meet increasingly unrealistic performance expectations, which could have been mitigated had the organizations concerned had in place a clearly-defined, well-communicated and effectively-implemented code of conduct. This International Good Practice Guide, entitled Defining and Developing an Effective Code of Conduct for Organizations, will assist organizations in developing a code of conduct for the first time or help them to improve an existing code. Acknowledging the value for listed companies, public interest and other organizations in Hong Kong to develop or enhance an in-house code, the Hong Kong Institute of Certified Public Accountants, The Hong Kong Institute of Directors and the Hong Kong Exchanges and Clearing Limited sought permission from IFAC to reproduce this guide in Hong Kong. When an organization issues a code of conduct, it makes an important statement to employees and to external stakeholders, which says that “This organization is willing to be judged by the community against its peers and against objective standards of good conduct”. It is also putting into place an important part of an overarching structure, embracing good corporate governance practices and the systems and processes that comprise effective internal controls and risk management. We believe that the process of participating in the preparation and subsequent communication and implementation of a code of conduct will result in the organization, its management and staff becoming a more cohesive whole. This IFAC International Good Practice Guidance is to be commended. It is a valuable thought leadership initiative by the IFAC PAIB Committee in that it (i) raises awareness of this important topic, placing it squarely in the mainstream, and (ii) while it does not purport to provide detailed and prescriptive answers for individual organizations, it sets out a road map with key principles and guidance to help and encourage all types of organization to ask the right questions of themselves and to develop their own specific codes of conduct that take account of their own circumstances.

Winnie Cheung Chief Executive Hong Kong Institute of Certified Public Accountants

Paul Chow Chief Executive Hong Kong Exchanges and Clearing Limited

Carlye Tsui Chief Executive Officer The Hong Kong Institute of Directors

May 2008

PREFACE TO IFAC’S INTERNATIONAL GOOD PRACTICE GUIDANCE (IGPG) Objectives 1. In pursuit of its goals of serving the public interest, strengthening the accountancy profession

worldwide and contributing to the development of strong international economies, IFAC develops standards, statements, information papers, guidance and special reports. This Preface sets out the scope, purpose, and due process of International Good Practice Guidance published by the International Federation of Accountants’ Professional Accountants in Business (PAIB) Committee. The approaches set out in International Good Practice Guidance, which start from the clear identification of principles, are generally accepted internationally and apply to organizations of all sizes in commerce, industry, the public sector, education, and the not-for-profit sector.

Scope and purpose 2. The scope of International Good Practice Guidance covers management accounting and

financial management, as well as broader topics with which professional accountants in business are likely to engage alongside colleagues from other disciplines. IFAC’s purpose in issuing guidance in these areas is to foster a common and consistent approach to those aspects of the work of professional accountants in business not already covered by published international standards. A secondary purpose is to help professional accountants in business to meet the challenge of explaining their work to non-accountants. By setting out principles for each topic, the documents create a contextual background for the more detailed methods and techniques professional accountants in business use.

The importance of principles 3. A significant feature of International Good Practice Guidance is that they are explicitly

grounded in principles (paragraph 9). The Committee reviews available guidance in a topic area, applying the extensive expertise and experience of its members and IFAC member bodies to draw out a set of globally applicable statements of principle. The principles should guide the thought processes of professional accountants in business when they tackle the relevant topic and to underpin the exercise of the professional judgment that is important in most of their roles. They provide the professional accountant in business (and those served by the professional accountant) with a common frame of reference when deciding how to address an issue, within the huge range of individual organizational situations that may be encountered. General guidance assists with the consistent implementation of the principles and, where appropriate, signposts to sources of greater detail.

Due Process 4. While International Good Practice Guidance does not impose an obligation on professional

accountants in business, they do represent IFAC’s recommended practice in the areas they cover. Therefore, each proposed guidance document is subject to a formal due process, a

key component of which is wide consultation including public exposure. The due process is derived from those of IFAC’s public interest activity committees but reflects the PAIB Committee’s meeting and operational procedures. The due process is intended to ensure both quality and global applicability of the final document, attributes which lend the document its authority. It is described in the document Due Process for IFAC’s International Good Practice Guidance.

5. The PAIB Committee welcomes feedback on its International Good Practice Guidance from

professional accountants in business and others, including comments on both the content and the form of presentation. Comments can be sent to [email protected].

Getting the most out of International Good Practice Guidance 6. Professional accountants in business should consider the relevance of the guidance in these

documents in relation to the roles that they have in their organizations. The extensive and vital range of roles they perform is featured in the Committee’s 2005 publication The Roles and Domain of the Professional Accountant in Business. Their roles include understanding and driving the generation or creation of value; provision of information for decision making, accountability and control; performance measurement and communication to stakeholders; financial control, improving efficiency, and managing risk. International Good Practice Guidance documents support professional accountants in business in the selection and application of the appropriate tools for the analysis and management of organizations in support of these critical tasks. This will encourage professional accountants in business, irrespective of geographical location or of size or type of employer, to adopt broadly consistent approaches to their work. Consequently, some organizations might find it useful to distribute the content to subsidiaries, or stakeholders in their value chain.

7. The PAIB Committee recommends that professional accountants in business use the

principles to guide their decision making and use the application guidance and signposting to other resources to consider how to implement these in practice. Good practice is always evolving, and so over time newer and better techniques and approaches to the work of the accountant will inevitably emerge. While the PAIB Committee periodically reviews its International Good Practice Guidance, it is the personal responsibility of the professional accountant to keep abreast of developments that may affect their work. International Good Practice Guidance also builds on the fundamental principles of integrity, objectivity, professional competence and due care, confidentiality, and professional behavior already required of professional accountants in business in IFAC’s Code of Ethics for Professional Accountants.

Content 8. An International Good Practice Guidance document will typically include the following

content:

• General overview of why the topic is important, including o Topic introduction and objective of the guidance o Typical roles of the professional accountant in business in relation to the topic

• Principles that are widely accepted features of good practice in the topic, including o Definitions of key terms o Key concepts and frameworks where they exist

• Practical application guidance to support implementation of the principles,

including o Recognition of challenges and issues and sector specific issues o Practical examples of practice in the topic area

• Signposting to other key sources of information (resources).

9. Principles represent fundamental generalizations that should be used by professional accountants in business as the basis of their reasoning and conduct. Principles typically provide a broad frame of reference and stress starting points and boundaries rather than prescriptive rules that must be followed. The principles, therefore, encourage the appropriate exercise of sound professional judgement by professional accountants in business.

10. Guidance (application) supports the consistent implementation of principles and recognizes

issues and challenges in implementing good practice. Guidance also helps to clarify special issues in particular contexts, for example highlighting special considerations for public sector or small- and medium-sized entities.

11. Signposting will ensure accessibility to other key sources of information including additional

guidance, books, articles, websites, surveys, interviews and case studies or critical analysis. Some of this information will be accessible via the IFAC KnowledgeNet, accessible at www.ifacnet.com.

Professional Accountants in Business Committee

International Federation of Accountants 545 Fifth Avenue, 14th Floor

New York, New York 10017 USA

Copyright © June 2007 by the International Federation of Accountants (IFAC). All rights reserved. Used with permission of IFAC. Contact [email protected] for permission to reproduce, store or transmit this document.

IFAC PAIB COMMITTEE INTERNATIONAL

GOOD PRACTICE GUIDANCE TABLE OF CONTENTS

Page

1. General Overview of Why the Topic is Important ............................................................... 2 Establishing a Business Case for Developing a Code of Conduct ........................................ 3 The Role of the Professional Accountant in Business .......................................................... 3

2. Key Principles That are Widely Accepted Features of Good Practice ................................. 6

The Nature of Codes of Conduct in Organizations ............................................................... 6 The Key Principles in Defining and Developing a Code of Conduct ................................... 7

3. Application Guidance on Implementing the Principles ........................................................ 9 Appendix A: Illustration of a Code of Conduct for the ABC Organization ............................... 22 Appendix B: Values-Based Principles in Public Life – An Example ......................................... 27 Appendix C: External Conduct Guidelines and Legal Standards ............................................... 28 Appendix D: A Graphic Representation of Key Stakeholders and

Their Primary Areas of Concern ........................................................................................... 29 Appendix E: Resources ............................................................................................................... 30

IFAC PAIB COMMITTEE INTERNATIONAL GOOD PRACTICE GUIDANCE

2

1. General Overview of Why the Topic is Important 1.1 Every organization has a standard of conduct, whether it knows it or not. One way or

another, explicitly or implicitly, every organization communicates its values, acceptable criteria for decision-making, and its ground rules for behavior. An increasing number of organizations realize the importance and benefits of explicitly communicating their values and guiding principles in a published code of conduct or ethics. Such a code, which helps build a values-driven organization, typically deals with an organization’s underlying values, commitment to employees, standards for doing business, and its relationship with wider society.

1.2 The concern over failure to establish or to adhere to standards of proper conduct has been

heightened by corporate scandals and their impact on the capital markets and investors. Many individuals and groups demand more from their organizational leaders than profit maximization and transparency, and many organizational leaders now emphasize ethics and integrity as a primary feature of their business conduct. This increased focus on ethics, corporate governance and corporate responsibility has encouraged many organizations to establish codes of conduct. In some countries, laws and regulations have required such codes; in others, their establishment has been prompted by market mechanisms such as movements in share price, or a combination of market forces and regulation. From a wider economic perspective, implementing codes of conduct effectively and consistently could improve organizational performance and control, leading to fewer irregularities and corporate scandals and a gradual build-up of trust between organizations and its stakeholders.

1.3 Many organizations realize that good conduct and integrity contribute to marketplace

success. Management theorists and business leaders frequently assert that clear core values are essential to high-performing organizations, and that “good conduct is good business.” Ethical dilemmas can impair an organization’s reputation, and ultimately its financial performance. Facilitating ethical behavior in organizations can help both to safeguard reputation and to convey a commitment to responsible practice to both society and regulators. Furthermore, multinational corporations influence standards of conduct and business practice when they apply their codes of conduct to all their operational facilities.

1.4 Questionable business practices, and even individual incidents of improper conduct, reflect

to some degree the values, attitudes, beliefs, and systems of the organization in which they occur. Senior managers can be accused of failing to provide leadership if they don’t institute systems that encourage and facilitate appropriate standards of conduct and behavior.

1.5 Despite pockets of information and resources on developing codes, authoritative

international guidance is lacking for professional accountants in business. This International Good Practice Guidance prepares professional accountants in business to encourage an ethics-based culture and to help their organizations define and develop a code of conduct. It is equally relevant to organizations creating a code for the first time, and those wishing to review their existing approach whether in developing markets or established economies.


3

1.6 Recognizing that this is an evolving area of practice, the PAIB Committee welcomes

feedback and additional comment on this Guidance over time. Additional comments can be sent to [email protected]. The PAIB Committee also encourages professional accountants in practice to refer to this Guidance.

Establishing a Business Case for Developing a Code of Conduct 1.7 Having a code is a key element of ensuring effective corporate governance. It is one of

employees’ most important documents. Developing and reviewing a code helps to make visible (a) how the company operates, (b) how it embeds its core values (such as by reflecting its cores values in its communications, processes, and behavior), and (c) how it relates to its key stakeholders. Employees generally prefer to work for organizations committed to values and ethics, and consumers tend to prefer to buy from organizations with strong records of adherence to standards of conduct and socially sensitive behavior. Codes also help to reassure investors and other stakeholders, in particular those looking for socially responsible investment, integrity, and a commitment to ethics.

1.8 A well-designed code of conduct can provide the context for programs designed to

improve organizational performance. Organizations that fail to establish and implement a code of conduct and to embed their organizational values could experience lower productivity, higher staff turnover, increased transaction and agency costs, and increased exposure to legal action. This failure will ultimately affect corporate reputation and therefore increase the cost of capital. Thus, successfully implementing a code of conduct within a values-based organization is increasingly perceived as a competitive asset and advantage.

The Role of the Professional Accountant in Business 1.9 Professional accountants in business have important and varied roles to play in driving and

supporting organizational ethics and conducting ethics programs and, specifically in the context of this Guidance, in defining and developing codes of conduct. All professional accountants in business have to uphold high ethical standards in accordance with IFAC’s Code of Ethics for Professional Accountants, which requires accountants to encourage an ethics-based culture in an employing organization that emphasizes the importance that senior management places on ethical behavior1. Therefore, all professional accountants in business can support an organization’s code of conduct through their own behavior. The more senior the position an individual holds, the greater the ability and opportunity to influence events, practices, and attitudes. As a CEO or a CFO, an accountant may be directly involved in (a) developing and approving a code, especially by leading or championing the project, and (b) establishing the structures and approach required to execute an ethics, compliance, and values program.

1 Paragraph 300.5 of the IFAC Code of Ethics for Professional Accountants.


4

1.10 Organizational leaders such as CEOs, CFOs and other directors and senior managers could

also be involved in demonstrating code adherence to third parties, whether investors, their representatives, or special interest groups. Pressure from third parties can focus on such high profile areas and issues as (a) protecting workers and labor practices, (b) extending code principles and guidelines to suppliers and business partners, and (c) addressing a range of management issues. Senior managers should ensure that the code, and other broader compliance and governance programs, influence how these issues are managed in practice.

1.11 An accountant working in internal audit may be involved in (a) assessing whether the code

is an effective tool in minimizing the risk of improper conduct, including whether non-adherence is being reported, and (b) reporting to the audit committee. Accountants in the internal audit or finance function could also be involved in implementing and reinforcing the code in that function.

1.12 More generally, codes of conduct play a vital role in strengthening the control environment,

within which professional accountants in business can feature significantly by monitoring, reviewing, and reporting on performance. Because an effective code of conduct is a critical component of an organization’s control systems, most professional accountants in business should be able to:

• Recognize potential ethical and compliance problems within the organizations they support;

• Apply a framework or a decision-making process for resolving conflicts;

• Articulate the reasons for making particular decisions based on a code of conduct;

• Identify, monitor, and communicate the expectations of stakeholders, as well as the costs, benefits and risks of meeting those expectations;

• Monitor and report on adherence to their organizations’ codes of conduct; and

• Assess whether proposed action on current and future initiatives effectively manages the risks faced by the organization.

1.13 Although organizations may have their own codes of conduct, accountants are also required

to comply with the code of ethics of their professional body. Professional bodies that are members of IFAC are required to comply with the ethical requirements of the IFAC Code, which establishes ethical requirements for professional accountants. A member body may not apply less stringent standards than those stated in this Code. However, if a member body is prohibited from complying with certain parts of this Code by law or regulation, they should comply with all other parts. The requirements and guidance of some jurisdictions may differ from the IFAC Code. Professional accountants should be aware of those differences and comply with the more stringent requirements and guidance, unless prohibited by law or regulation. Therefore, an accountant who is a member of a professional body that is an IFAC member will be required to comply with the principles of the IFAC Code, as well as the professional body’s code of conduct. Professional accountants in business should support an organization’s code by behaving in compliance with it. Where


5

appropriate, professional accountants in business should also be aware of other relevant codes such as the Group of 100 Code of Conduct for the Chief Financial Officers of Australia’s major enterprises. Complying with all relevant codes contributes to the integrity of reporting, and to responsible and ethical decision-making.

1.14 The 2005 PAIB Committee paper, The Roles and Domains of Professional Accountants in

Business, outlines the varied roles that professional accountants in business perform, for example in implementing and maintaining operational and fiduciary controls, providing analytical support for strategic planning and decision making, ensuring that effective risk management processes are in place, and assisting management in setting the tone for ethical practices.


6

2. Key Principles That are Widely Accepted Features of Good Practice The Nature of Codes of Conduct in Organizations 2.1 Typically, an organization’s ethics policy would set out the organization’s values and

principles whilst an organization’s code of conduct would outline standards of behavior and practices. Some codes of conduct are labeled Code of Ethics, Code of Business Practices, Code of Values, or Code of Behaviors. The most common term seems to be Code of Conduct, although some organizations individualize the title with one of their core values, such as “integrity,” or with a phrase such as “Performance with integrity” or “The way we do business”. Some organizations have a separate ethics policy and code of conduct.

2.2 Although codes of conduct are drafted in many different ways, programs in organizations

with a relatively developed approach to managing ethics and values usually include:

• An organization’s mission;

• A statement from the CEO and/or board of directors;

• Organizational values and principles;

• A statement(s) on how the entity relates to its community, the environment, and society;

• Ethical and conduct guidelines and guidance on practices;

• Examples of ethical and unethical behavior;

• Specific rules of conduct; and

• Commitment to and information on performance evaluation. 2.3 The term “code of conduct” does not have an authorized definition. In its 1999 report Code

of Corporate Conduct: An inventory, the OECD Working Party of the Trade Committee defined codes of corporate conduct for the purpose of its survey as “commitments voluntarily made by companies, associations or other entities, which put forth standards and principles for the conduct of business activities in the marketplace.”

2.4 Most other definitions emphasize that a code of conduct is a formal statement of the values

and business practices of a corporation. A comprehensive definition of “code of conduct” for purposes of this guidance is:

Principles, values, standards, or rules of behavior that guide the decisions, procedures and systems of an organization in a way that (a) contributes to the welfare of its key stakeholders, and (b) respects the rights of all constituents affected by its operations.


7

2.5 It is useful to distinguish between terms, to avoid confusion in communications, and to see part of the development of a code of conduct and a wider approach to ethics and compliance (perhaps in the form of an ethics and compliance program typical in many large organizations) from a broader effort to foster a values-driven organization. A code of conduct is one part of a comprehensive compliance and ethics program that should be part of a values-based organization and culture. This ensures that an ethics program and the development of a code of conduct are both rooted in an organization’s core values. Ethical decision-making requires values to guide those decisions. Values are important beliefs that shape attitudes and motivate actions, and should be used as a framework within which employees make decisions.

2.6 This approach can also be translated into a code of conduct by using the term “values-based

code.” This refers to an approach that uses values as the basis for ethical decision-making. A code cannot cover all ethical and unethical actions hence it is neither a total solution nor a prescriptive tool to guide organizations and their management. Furthermore, many situations require employees to use discretion. A values-based code uses the organization’s values and managerial and employee guidelines as the basis for ethical decision-making, without listing detailed rules. This can help employees ‘do the right thing’ and address ethical dilemmas that sometimes do not have clear answers.

The Key Principles in Defining and Developing a Code of Conduct 2.7 The key principles underlying widely accepted good practice are:

A. The organization’s overarching objective should be to develop a values-based organization and a values-driven code, to promote a culture that encourages employees to internalize the principle of integrity and practice it, and encourages employees to “do the right thing” by allowing them to make appropriate decisions.

B. A code of conduct reflects organizational context. The nature, title and content

of an effective code will vary between organizations, as will the approach to its development.

C. Commitment from board of directors: Ultimately, ethical responsibility lies

with the board of directors (or its equivalent), the body that has power to influence an organization’s culture and behavior. Boards should specifically oversee the development of the code of conduct (and a wider initiative to achieve a values-based organization), and formally appoint a senior manager to supervise that development.

D. A multi-disciplinary and cross-functional group including international

personnel should lead code development where organizational size permits. Groups of employees and other key stakeholders can help to identify risks to corporate culture and business conduct and consider potential vulnerabilities arising from these risks and can usefully assist in defining and reviewing code content.


8

E. Clearly identifying the established process for defining, developing and

reviewing a code will promote understanding of, and agreement on, the key stages and activities.

F. A code of conduct should apply across all jurisdictions in which an organization

operates, unless contrary to local laws and regulations. G. Continuous awareness and promotion of the code and the wider approach to

ethics and compliance is an important part of conveying management’s commitment to their underlying principles. A continuous awareness program should sustain interest in and commitment to the code. Employees and others should be made aware of the consequences of not adhering to the code.


9

3. Application Guidance on Implementing the Principles PRINCIPLE A The organization’s overarching objective should be to develop a values-based organization and a values-driven code, to promote a culture that encourages employees to internalize the principle of integrity and practice it, and encourages employees to “do the right thing” by allowing them to make appropriate decisions.

3.1 A values-based code is best suited to a rapidly changing business environment, because it

allows for a multitude of circumstances that may arise in practice. A values-based code provides a framework for analyzing threats and safeguards and determining appropriate action. It allows all employees to make responsible decisions and avoid a “tick-box” approach that could encourage loophole-based avoidance.

3.2 Managing for compliance2 is a starting point to developing a code. Organizations see the

tremendous damage that can be done to an organization’s reputation and momentum by illegal or otherwise improper conduct. To prevent this, an organization can establish a code of conduct requiring compliance with both the law and the standards of conduct the public demands. A code based solely on managing compliance will typically focus on prohibitions such as against conflicts of interest, theft of company property and revealing trade secrets, and could be titled a compliance code.

3.3 A compliance program can address only a limited set of organizational situations and

behaviors, namely those that can be reduced to simple standards of right and wrong. The most difficult issues faced by employees often involve dilemmas brought on by new technologies, new business arrangements, or cases where two or more obligations conflict.

3.4 A compliance program based on a code of conduct that sets minimum standards for

organizational behavior does little to define expected or encouraged types of behavior. It can expect employees to avoid mistreating customers, but it cannot help them see how to treat customers well. It may:

• Indicate to employees that the program is designed to control their behavior because

they are not trusted. This directly counters efforts to empower employees to use their personal judgment in appropriately handling the many situations they face; and

• Inadvertently give the impression that the organization wants only a minimum standard

of behavior, and that employees will not be rewarded for substantial attention to ethical and conduct issues.

3.5 OECD research published in 2000, An Expanded Review of their Contents, illustrates the

most-cited motivations mentioned by codes beyond mere expressions of responsibilities to the public or specific stakeholders. Cited objectives include: (a) protection or enhancement of reputation and the building or retention of industry leadership in certain areas of

2 Managing for compliance refers to avoiding any legal or other behavior that violates an organization’s policy and/or negatively affects its interests.


10

corporate social responsibility, (b) more customer loyalty, (c) improved operation of the business, (d) stronger staff loyalty, and (e) control of legal risks.

3.6 Organizations usually affect employee behaviors in only a limited way if they manage

compliance without creating a genuine change in organizational culture. Without that change, important situations raising conduct issues bring out instinctive rather than strategic responses. Those who do create that change foster a values-driven organization that identifies values and invests considerable resources to make those values permeate all aspects of operations. They find it productive to make decisions consistent with those values, even when short-term payoffs are not apparent.

3.7 A purely compliance-based approach that tells employees about the law as a means of

preventing violations has limited effectiveness. Recognition of this has steered many organizations to manage by a set of positive values that help to guide employees’ decisions and actions, and promote individual responsibility. Organizational values may be shaped by (a) an organization’s founders who continue to dominate leadership and management beliefs, (b) the expectations and demands of stakeholders, or (c) a set of long-standing values established by professional managers whether it is the board of directors or others charged with leadership and governance. Implementing a values-based program usually involves at least the following activities:

• Identifying and defining the organization’s values by considering the organization’s purpose, its accountabilities, its authority, and its obligations and duties. Preparing values statements should involve a broad group of managers and other employees. Typically, the better value statements are developed through consultation and collective commitment rather than by imposition from the top;

• Putting values into action by effectively communicating them, and continuously communicating with employees;

• Creating systems that help to embed values;

• Establishing a function and/or processes that monitors employees’ response to stated values, and ensures that they are having the desired impact;

• Updating values and values-based programs to support the changing needs of the organization;

• Assigning responsibility for interpreting values and reviewing values;

• Recruiting and promoting those whose personal values are aligned with the company’s values.

3.8 Preparing a values-based code requires defining fundamental principles and providing

guidance, particularly on what is ethical conduct and what is not. A values-based code defines values at a relatively high level, because it is impossible to address all situations employees might face. A code should clearly identify activities or behaviors for which there is no tolerance.


11

3.9 Appendix A is an example code of conduct that although not comprehensive acts as a guide on how a fictional organization describes the values that govern how it does business, sets out some example responsibilities of the organization towards its stakeholders and specifies how employees are expected to act in relation to the organization’s values as well as the laws and regulations that control operations. Appendix B provides an example of values-based principles that public sector organizations can appropriately include in their codes of conduct.

PRINCIPLE B A code of conduct reflects organizational context. The nature, title and content of an effective code will vary between organizations, as will the approach to its development.

3.10 Codes of conduct vary in design and content as well as how they are developed, and will be

affected by the following factors:

• Organizational size, type and complexity;

• Geography;

• Industry; and

• Cultural considerations. 3.11 Smaller organizations could take a simpler approach that leads to a shorter document

covering a narrower range of issues. The process of development and implementation will likely be less formal, focusing on actions rather than formal policy statements. If the behavior of the owner-manager(s) is to be seen as a model for employees’ behavior, they should understand the owner-manager(s)’ approach to ethical issues. Ideally, new partners and senior managers would share the same values. Smaller organizations should establish clear lines of responsibility and accountability for ethical conduct, and regularly review code and ethical performance, especially where the organization is changing rapidly.

3.12 Codes of conduct are important tools for state-owned and not-for-profit enterprises. The

codes of these organizations usually cover a range of public commitments, because a loss of public confidence due to unethical behavior can irreversibly damage reputation. Developing and implementing codes can help manage specific ethical issues that can arise in these organizational types, and are challenging to manage. For example, these organizations can also use codes of conduct for board members to good effect. This helps to prevent conflicts of interest, especially by directing board members not to put their personal objectives above the organization’s welfare. Diligent decision-making in these organizations requires the same level of application and consideration of ethical issues as for profit-driven organizations.

3.13 For larger and more complex organizations in both private and public sectors, more

substantial codes should include a set of specific ethical rules and guidance covering a range of ethical issues. They should, for example, deal with bribery and corruption, conflict


12

of interest, improper accounting practices, and labor and environmental issues, and include corporate goals, responsibilities and values. They should also include guidelines for suppliers and business partners, and make public commitments where appropriate.

3.14 While organizations in different sectors will have some issues in common, organizations in

heavy or resource-based industries are likely to focus on a different range of issues than would service-based organizations or technology companies. Programs in heavily regulated industries often initially respond to violation of the law, although many have moved beyond this to establishing a values-based culture. Furthermore, very few codes deal only with single issues. Most cover a wide spectrum of issues, in one or more documents. Codes developed by organizations working with the public sector should also refer to specific laws and regulations governing sales to the public sector. In most countries, procurements by the public sector are subject to restrictions and guidelines.

PRINCIPLE C Commitment from board of directors: Ultimately, ethical responsibility lies with the board of directors (or its equivalent), the body that has power to influence an organization’s culture and behavior. Boards should specifically oversee the development of the code of conduct (and a wider initiative to achieve a values-based organization), and formally appoint a senior manager to supervise that development.

3.15 Some organizations make a senior executive responsible for leading the development of a

code of conduct; some appoint full-time ethics officers; and some do both. Regardless of where the responsibility lies, a champion, preferably at board level, is required and they should also sponsor the wider initiative to achieve a values-based organization.

3.16 Directors and senior management demonstrate their commitment, in part, by incorporating

ethics and transparency into corporate strategy. This includes ensuring that critical functions are led by people with the appropriate competence and authority, and that the organization understands its market and risks and manages them effectively.

3.17 Some national laws and regulations require a senior officer to be in charge of ethics and

compliance. The board should require this person to report regularly through an appropriate channel, such as the Audit Committee or Ethics Committee/group where there is one.

3.18 Developing a values-based organization should start at the top of the organization, with

senior executive support. The CEO should be willing to commit the required time and personal effort to the initiative, as well as to visibly demonstrate commitment. Companies known for ethical conduct and social responsibility are typically led by such CEOs. A values-driven program is likely to fail if employees sense that senior managers do not believe in and are not committed to the program.


13

3.19 The importance of an introductory letter from the CEO unambiguously endorsing the code and conveying top-management support cannot be underestimated. Such a letter should emphasize the organization’s values, include an overview of the code, and state the organization’s commitment to the proper conduct of its managers and employees. This message from the CEO will play a critical role in determining how well the code will be received and followed. It can also place the code within the context of a wider ethics and values-driven program. The code of conduct could also begin with an introduction from the CEO and/or board of directors explaining the importance of ethics and integrity, how the code supports and guides ethical behavior, and how the code reflects the organization’s context, values, and principles.

3.20 Through their everyday actions, senior managers can encourage others to meet higher

standards. The board itself needs to be ethical and committed to fostering and supporting an ethical culture. Ethically acting boards can be facilitated and supported by having their own code of conduct, and through sound corporate governance that deals with (a) appointing directors, (b) board agendas and meetings, (c) remuneration, (d) internal control, and (e) evaluating board performance. The existence of a board code and sound corporate governance will help the corporation deal with issues such as existing management and employee attitudes, the difficulty of communicating values and standards, possible conflicts with other organization objectives, pressures to meet other corporate goals, and the real cost of resources and management time to develop, implement and enforce the code.

3.21 Where a board does not have its own code, the organization-wide code could be used to raise

the level of governance and board performance by providing guidance on a range of issues, such as independence, nominations, tenure and remuneration, board structure, the process for managing meetings and agendas, and evaluation of board members and their performance. This should help prevent conflicts resulting from a lack of objectivity, divided loyalty, favoritism and self-interest.

PRINCIPLE D A multi-disciplinary and cross-functional group including international personnel should lead code development where organizational size permits. Groups of employees and other key stakeholders can help to identify risks to corporate culture and business conduct and consider potential vulnerabilities arising from these risks and can usefully assist in defining and reviewing code content.

3.22 Using multi-departmental groups or committees to develop a code will foster ownership

across all areas of an organization. The composition of such groups will vary and could include external representation, such as from suppliers or employee unions. Their work might also be facilitated by the involvement of consultants, especially at the beginning when the group determines its purpose, structure and process. Developing a code through cross-functional groups or committees helps to foster agreement on difficult and pertinent issues.


14

3.23 Larger organizations can establish a working group with representatives from various functions, including human resources, marketing, procurement, finance, internal audit, and legal and compliance. This working group would be responsible for ensuring that the code of conduct is made part of the organizational culture. Smaller organizations may delegate these responsibilities to a sufficiently senior individual who commands respect and support.

3.24 The organization should undertake a diagnostic self-assessment of organizational risks that

relate to ethics and conduct. It should first identify, within the context of the organization and its competitive environment, what issues to assess. It should (a) take into account customers’ and other stakeholders’ perceptions of the organization, (b) assess the behaviors within the organization and its competitors, and (c) understand what constitutes violation of industry and other external codes and laws, and existing policies that impact on organizational ethics and conduct.

3.25 Analyzing the organization by processes and activity leads to a comprehensive

understanding of (a) all material risks that should be addressed, and their possible causes, (b) whether they relate to organizational culture or structure, and (c) how performance is managed and rewarded. This approach can be applied to first development of a code, or when evaluating and updating a code. It can be a particularly useful approach when assessing gaps in performance. For example, a code might require the maintenance of income and expenditure accounts in accordance with generally accepted accounting principles, but in practice disbursements might not be properly documented, or internal controls could be inappropriately overridden.

PRINCIPLE E Clearly identifying the established process for defining, developing and reviewing a code will promote understanding of, and agreement on, the key stages and activities.

3.26 In addition to gaining the commitment of senior management, defining and developing a

code includes at least the following activities:

• Agreeing on the purpose of the code and how it will be used, and including this in a statement of intent in the code;

• Identifying stakeholders, what is important to them, and who should be involved in code development and implementation;

• Reviewing widely recognized external and multi-sector conduct guidelines;

• Drafting the content, perhaps by a working group comprising representatives from various functions in an organization;

• Testing/piloting and approving;

• Publishing and publicizing;

• Post-implementation reviewing of code content and its impact;


15

• Training and communicating as a means to embed the code (and organizational values); and

• Connecting the code to the organization’s (a) performance management policies and systems, and (b) internal controls.

Each of these steps is considered below.

Agreeing on the purpose of the code and how it will be used, and including this in a statement of intent in the code 3.27 Organizations should be clear on the code’s purpose and use. Codes typically fulfill the

following objectives:

• Stipulating the values and principles that govern how the organization does business;

• Establishing the responsibilities of the company towards its stakeholders;

• Explaining how employees are expected to apply an organization’s values and laws and regulations that affect its operations; and

• Providing guidance on resolving ethical issues and dilemmas, and how they can receive further advice.

Identifying stakeholders, what is important to them, and who should be involved in code development and implementation 3.28 Codes can be overly centered on responsibilities owed to the organization, rather than

responsibilities to stakeholders. This typically occurs where management leads and manages the drafting process without stakeholder input. Such codes typically fail to address important themes and issues.

3.29 Organizations that involve their stakeholders, at least by seeking their views and

requirements, should identify their stakeholders, evaluate their attitudes and opinions, design programs to address their concerns, and audit the effectiveness of policies affecting stakeholders.

3.30 A graphic representation of key stakeholders and their primary areas of concern is at

Appendix D. Key stakeholders include customers, employees, investors and creditors, competitors, suppliers/partners, and the public. Where employee unions or councils exist, the organization should consult with the employees’ representative. Most codes deal with behavior at least in relation to customers and suppliers. Guidelines targeted at other stakeholder groups are less commonly found, but should be considered for inclusion. Code guidelines typically cover areas such as: Customers: meeting product/service quality requirements, environmentally safe products/services, transparency in customer dealings and relationships, and privacy of customer data.


16

Employees: Protecting workers from injury and meeting health and safety requirements, avoiding discrimination, providing equal employment opportunity, fair and appropriate remuneration, respect of human rights, right to collective bargaining and support in developing skills and capabilities, and approach to gifts, entertainment, favors and bribes. Suppliers/partners: fair dealing, environmental and labor standards, anti-bribery, and corruption and human rights. Investors and creditors: Insider trading, financial returns to investors, accurate and timely information, financial disclosure and reporting, accounting and audits, and respecting shareholders’ legal rights. Directors’ responsibilities can be supported by guidelines on integrity, duties of diligence, conflicts of interest, and unauthorized self-dealing. Competitors: Adherence to competition laws, commitment to free and fair competition and cooperation with competition authorities, respect for rivals’ property rights, and appropriate gathering of competitive information. Public: Promotion of free trade, open markets, and democratic institutions, avoiding inappropriate involvement in politics, and environmental stewardship. This list is not intended to be exhaustive. A number of surveys are available that indicate a range of typical code guidelines – see resources in Appendix E.

3.31 The effectiveness of guidelines generally depends on the approach guidelines take on an issue

and what specific guidance is included. Credibility and commitment can be enhanced when a code precisely defines key concepts and clearly and adequately specifies required behavior. For example, if environmental concerns pose significant risks to an organization, the code should provide detailed guidance that defines and supports specific environmental initiatives.

3.32 Another example relates to bribery and corruption. Here, codes typically vary widely in their

definitions and required commitments. Rather than simply prohibiting bribery and corrupt behavior, codes could include guidance on offering, giving, soliciting and receiving “gifts,” and include references to authoritative guidance, such as the OECD Bribery Convention. Rules and guidelines can be included for both public officials and business partners, although they may vary in their treatment of these groups. In some circumstances, gifts from business partners could be accepted, but should be subject to disclosure.

Reviewing widely recognized external and multi-sector conduct guidelines 3.33 In preparing a code, an organization can access a variety of sources, ranging from local

laws and regulations to internationally accepted standards and guidelines. External standards (legal, industry, voluntary) and codes and guidance provided by external organizations, trade associations and professional bodies should be appropriately consulted and referenced in a code of conduct. See Appendix C for examples of such codes and guidelines.


17

3.34 Although industry codes can be used to elevate standards, following them can be difficult where an organization is raising standards above those of competitors, and employees feel constrained in their ability to compete. However, raising ethical standards and embedding organizational values should not be viewed negatively, as it can provide a competitive advantage.

Drafting the content, perhaps by a working group comprising representatives from various functions in an organization 3.35 One person needs to be primarily responsible for writing the code, but should be supported

by a group. This group should decide how to structure the code. The writing and implementation of a code has many legal aspects that could be reviewed by legal counsel. Where only a small amount of information is to be included, as could be the case in small organizations, a formal structure might not be required. In this case, a prioritized short list of issues and statements could form the basis of the written code.

3.36 Codes need to be easily understood by all employees. Negative phrasing should be avoided.

For example, individual rights can be addressed in such statements as, “We do not tolerate discrimination in A, B or C”. Instead, the principle can be stated positively and discrimination addressed more effectively through corporate and individual direction to “treat people fairly”. Effective codes that promote proper conduct write guiding principles and explanations in plain, positive language, rather than merely making demands. Codes can also usefully include practical examples.

Testing/piloting and approving 3.37 Codes should be tested among groups of employees from all levels and at different

locations. The working group should consider feedback and suggestions from the piloting phase, and make amendments before approving and publishing the code.

Publishing and publicizing 3.38 The code and its implications should be communicated to all employees in all locations,

and to business partners. Publishing codes on organizational websites is quite common. It should also be explained to new employees and partners. Some organizations reproduce the code, or parts of it, in their annual report and state how it is being used.

Post implementation review of code content and its impact 3.39 It is critical to assess the impact of a code’s principles and guidelines on organizational

practices and behavior, and how particularly sensitive and contentious issues are being managed. A worst-case scenario for non-compliance with a code’s principles and guidelines could be consumer boycotts for issues such as labor rights violations (whether by the organization or a business partner), or doing business in countries with poor human rights records.


18

3.40 Such a review provides an opportunity to openly debate an organization’s ethical standards,

and to determine whether management action is required to improve the code so that it positively influences the way companies conduct day-to-day operations.

3.41 Where an individual is responsible for the code, and perhaps wider values and compliance

initiatives, that individual could be usefully supported by a group of senior staff responsible for monitoring the adoption, promotion and effectiveness of the code. This group could also investigate potential breaches and regularly review wording and content. Feedback on compliance with the code should also help it to become an integral part of an organization’s culture.

3.42 In the case of existing codes, the organization should undertake a gap analysis that

considers the existing policy and approach and related communications and training programs, to identify what more or different is needed to encourage and support the expected behavior and compliance.

3.43 An outcome-based evaluation should document the current situation by (a) identifying

organizational risks and uncertainties, (b) listing and describing the resources dedicated to the program, (c) describing the program’s structures and systems, activities and processes (both planned and undertaken), and (d) assessing the outputs of the program, such as the number of people trained.

Training and communicating as a means to embed the code (and organizational values) 3.44 A well-drafted effective code simplifies adherence. Communication programs and

educational sessions are effective means of guiding employees, monitoring behavior, and embedding the code’s provisions.

3.45 Training in the practical application of the code can include workshops, hard copy

materials, online resources and e-learning modules. More innovative approaches to training such as mentoring and the use of ethical dilemma case studies can enhance its effectiveness by allowing dialogue and discussion so that employees can develop their level of awareness of ethical issues and ability to consider choices and possible responses. New employees should participate in training and related awareness programs. Without these, they may not realize the expectations and standards of their new organization.

3.46 To move beyond mere legal compliance, training and awareness programs could help

workers and managers at operational sites to assume more control over issues such as workplace conditions. Specific training could improve safety and enhance productivity. Training could also help employees apply principles to local circumstances, and encourage employees to disclose and discuss particularly challenging ethical dilemmas. For example, these programs should define conflicts of interest with precision, apply the principles to specific examples, and support the results with reasons. These programs should first focus on educating employees about how conflicts can develop. In addition, employees should


19

be helped to (a) recognize situations having the potential to create conflicts of interest, and (b) determine whether they are material and need to be managed and reported.

3.47 The effectiveness of training, education and communication programs should be reviewed

regularly. Connecting the code to the organization’s (a) performance management policies and systems, and (b) internal controls

3.48 Implementing the code requires reviewing existing performance management policies and

systems, and monitoring how expected behavior and compliance will be achieved and supported.

3.49 Mechanisms to embed the code and measure performance include annual compliance

sign-offs, periodic internal audits, and regular performance reviews. Adherence to the letter and spirit of the code could also be made a condition of continued employment, as well as a consideration in pay and a condition of further promotion.

3.50 Measures used in monitoring adherence with a code of conduct should be developed, a task

particularly suited to professional accountants in business. In doing so, questions of deviation should be addressed. For example, when does behavior so deviate from the standards that it should be reported to management? And how should the organization identify, consider and report on activities and behavior that poses risks to the organization?

3.51 Whistle-blowing (speaking up): the Code, or referenced documentation, should discuss

whistle-blowing, informing employees of what process to follow. Whistle-blowing should be defined to include reporting of lapses in honesty and integrity. Those who witness such behavior should be encouraged to report it and organizations should monitor the prevalence of whistle-blowing to be satisfied that people are not deterred from speaking up. In some jurisdictions, there is regulation that seeks to protect those speaking up and this should be considered in establishing a policy on whistle-blowing. Organizations should respond positively to those who speak up.

PRINCIPLE F A code of conduct should apply across all jurisdictions in which an organization operates, unless contrary to local laws and regulations.

3.52 Codes and policies should apply to all global business operations/production facilities. A

code of conduct is a reference for decision-making for employees from diverse backgrounds working across geographical and cultural boundaries. Without a fundamental code of conduct on which to base decisions, managers in different countries may have difficulty resolving conflicts. Local organizations should designate a senior person to be responsible for ensuring that the code is adhered to in that location.


20

3.53 Development of local, or country-specific, guidance should follow the same process as that used to develop the organization’s global code and policies. This ensures that the over-arching values and principles flow through to country-specific guidance. A global code supported by country-specific guidance is a way of dealing with local standards of conduct that differ from those in the country of its head office. It can also ensure compliance with domestic laws and regulations.

3.54 Although some organizations allow its stakeholders to define what constitutes appropriate

behavior in local jurisdictions, a compromise between a global and a domestic approach to standards of conduct should be avoided. An organization that operates internationally and seeks to respond to all stakeholders can be caught between the conflicting demands of diverse cultural environments.

3.55 More mature organizations seek to establish a single set of values and behavior standards

for its worldwide operations. Although some minor variations are accepted to meet local conditions and conflicting local laws, these organizations believe that their interests are best served by a single, worldwide code of conduct that fosters a single, worldwide standard of acceptable behavior. They consider this a matter of principle and good management. They also believe that most, if not all, requirements in a code of conduct, particularly those relating to key issues of human rights, labor standards and the environment, have universal importance for the organization.

3.56 To facilitate local implementation, the code should be translated into the appropriate local

language(s). A high-quality translation helps to ensure that the spirit and the intent of the text has been captured.

3.57 Training in local operational units can also facilitate implementation. An organization

could focus training primarily on its own culture and values rather than the local national culture. For example, an organization could state as an organizational principle that all employees will be given equal opportunity and will be treated fairly at work, despite any different local pre-existing traditions. In addition, the organization should look for commonalities and similarities between organizational values and local characteristics, and consider these in training.

PRINCIPLE G Continuous awareness and promotion of the code and the wider approach to ethics and compliance is an important part of conveying management’s commitment to their underlying principles. A continuous awareness program should sustain interest in and commitment to the code. Employees and others should be made aware of the consequences of not adhering to the code.

3.58 Apathetic adherence to a code can be avoided with regular communications, especially

feedback on adherence and case studies dealing with ethical dilemmas. Awareness of the code’s existence is only a first step. Success depends on employees’ awareness of the


21

code’s content and how its key features relate to their work. Publicizing positive behavior and contributions of employees in developing the code, setting and acting in accordance with the code and organizational values can facilitate continuing awareness and adherence.

3.59 A procedure for disciplining employees who do not adhere to any part of the code should

be simple and involve an appropriate range of stakeholders, for example human resources, legal, and trade union representatives. Employees should be told the facts that support allegations of non-adherence, and how it will be dealt with. Prescribing fixed actions for particular offences is not necessary, but the process for investigating alleged non-adherence should be clearly described and action should be proportional to the seriousness of confirmed non-adherence. Disciplinary and remedial measures should be applied with consistency, particularly across management levels, and reviewed so to prevent recurrences of inconsistent discipline.

3.60 The Code of Conduct should apply at all times to all employees, including Directors,

especially during periods when challenging issues and ethical dilemmas arise. A Board of Directors should not countenance the suspension of a Code for difficult decisions particularly where there are, or could be, conflicts of interest.


22

Appendix A: Illustration of a Code of Conduct for the ABC Organization This appendix is an example code of conduct for The ABC Organization. It is not definitive and because it does not cover a comprehensive range of issues, it should not be used as a template. It is a guide based on how a fictional ABC organization describes the values that govern how it does business, sets out some example responsibilities of the organization towards its stakeholders and specifies how employees are expected to act in relation to the organization’s values as well as the laws and regulations that control operations. In practice, it is common for codes to outline obligations to a range of stakeholders (see appendix D) including employees, customers, shareholders, suppliers, competitors, governments and local communities. The first page of the code of conduct would contain a letter from the President/CEO of The ABC Organization. Code of Conduct This document clarifies the responsibilities that The ABC Organization and its employees have to each other, to our partners, and to our communities. It helps us understand the responsibilities we share, and alerts us to important legal and conduct issues that may arise. You will not find every organizational rule, policy or standard here. You may also not find every answer you seek. You will, however, find the basic values and principles by which The ABC Organization has chosen to govern itself. The Ethics and Conduct Committee produced this code in consultation with the organization’s main stakeholder groups. The company is committed to regular and meaningful engagement with its stakeholders regarding its activities. Accountability and Actions ABC Organization maintains the highest ethical standards in carrying out its activities. All employees are expected to act according to our ethical principles. Employee are encouraged to raise any questions or concerns about workplace behavior. If doubts exist – ask. Many improper actions are taken, not because of poor character or dishonest intentions, but because someone did not have the proper information, did not understand the information they had, or acted prompted by a desire to “just get things done.” Any employee, who in good faith seeks advice, raises a concern or reports improper behavior, is doing the right thing. The ABC Organization prohibits all personnel from taking any action against an employee who reports a concern. The Ethics and Conduct Committee is responsible for initiating and supervising the investigation of all reports of non-adherence of this code and ensuring appropriate disciplinary action is taken when required. No part of this code may be waived or suspended.


23

Overview of Business Conduct Every organization depends on its good name to succeed. The ABC Organization relies on its employees and business partners to consistently do the right thing in the right way, to maintain our good name. The vision of the organization and every employee is to be the best in everything we do, individually and collectively. We live by a set of values in every operation and action. Do the Right Thing • Put values and standards into practice. • Comply with all applicable laws. Do the Right Thing in the Right Way • Work within organizational policies and established systems and processes. • Speak up when faced with doubtful actions. • Direct others to work according to organizational values, standards and the law. All employees and business partners must take a personal interest in and be responsible for protecting the organization’s good name in the following manner:

• Understand correct work behavior

o Each employee must know the organization’s values, policies, procedures, and legal requirements that guide their conduct. If a person does not know, he or she should ask before taking action.

o Respect people and the law in the workplace.

o Each employee, supplier, customer, representative and contractor is expected to behave in a lawful, respectful way when doing business on behalf of the organization.

• Question and/or report activities that appear to violate organizational values or the law.

o Each employee should ask questions, raise concerns, and report dishonest or improper conduct by employees, representatives, contractors, customers, or suppliers.

The ABC Organization’s Values The ABC Organization is a values-based organization. Values provide the common framework for decisions, actions, and behaviors. Living our values requires us to meet the highest standards of corporate behavior in all aspects of business. Integrity The foundation of The ABC Organization is our integrity. We are open, honest and trustworthy in dealing with customers, suppliers, contractors, representatives, co-workers, shareholders and the communities we affect.


24

The ABC Organization’s Code of Conduct Environmental, Health and Safety We work safely in a manner that protects and promotes the health and well-being of the individual and the environment. Customer We support our customers’ success by creating exceptional value through innovative product and service solutions. Excellence We relentlessly pursue excellence in everything we do. People We work in an inclusive environment that embraces change, new ideas, respect for the individual, and equal opportunity to succeed. Profitability We strive for sustainable financial results that enable profitable growth and superior shareholder value. Accountability We are accountable – individually and collectively – for our behaviors, actions, and results. Guide to Business Conduct Conduct Involving Ourselves and Our Co-workers The basis of our values is dignity and mutual respect. These values drive our business. Management Responsibility All organizational leaders must show a commitment to the organization’s values through their actions. They must also promote an environment where compliance is expected and valued. All employees must comply with the organization’s values and principles. No one may ask any ABC Organization employee to break the law or go against organizational policy and values. Health and Safety The ABC Organization will not compromise health or safety in the workplace for production or profit. It is the goal at every ABC Organization location to have and maintain a safe workplace. Health and Safety policies and procedures are published for all our plants, offices and work sites, and must be followed. All employees must perform their duties while following the published health and safety rules, and must promptly report any concerns, safety violations or incidents.


25

Respect and Fair Treatment The ABC Organization gives equal opportunity for employment to all individuals, regardless of their race, religion, color, national origin, age, sex, sexual orientation, or disability. This fair treatment policy applies to all phases of the employment relationship, including:

• Hiring, assigning, promoting, and dismissing employees.

• Providing opportunities for growth and development.

• Recognizing success.

• Selecting employees for training programs.

• Determining wages and benefits. We will establish an environment of clear, honest, and timely communication. We will strive to understand all views.

Diversity is a strength in The ABC Organization. Every employee must respect the people and cultures with whom or in which they work. As an organization, we seek diversity at all levels and expect a work environment in which all employees can develop and contribute to their full potential. Harassment The ABC Organization does not tolerate any form of harassment whether it be sexual, physical or mental harassment. This includes bullying of employees. Employees are expected to be open, honest, and courteous with each other. Human Rights The ABC Organization honors and respects all who choose to work for the organization. The ABC Organization does not use child labor or forced labor. The ABC Organization respects the freedom of individual employees to join or refrain from joining legally authorized associations or organizations. The company supports human rights consistent with the UN Declaration of Human Rights and will consider carefully before trading with, or investing in, countries which are governed by regimes that do not adhere to the UN Declaration. Personal Relationships The ABC Organization recognizes that all individuals have the right to work for the organization. In some cases, family members or close personal friends of employees may also work for The ABC Organization. In these situations, ABC Organization will avoid, where possible, work situations that create a direct reporting relationship between family members or individuals with a close personal relationship.


26

Other issues Employees are not allowed to work under the influence of drugs or alcohol. Employees may not act violently or threaten violence while at work, and are prohibited from bringing weapons and illegal drugs onto the work site. No employees may be involved with an activity that is in conflict with ABC Organization’s business interests. Any personal interests in relation to the organization’s business must be disclosed. A conflict of interest could include directorships, significant shareholdings and employment of family members. Relations with suppliers Strengthening our relationships depends on our reputation for conducting all aspects of our business with suppliers in a way that is mutually beneficial as well as open. The ABC Organization will aim to develop relationships with its suppliers based on honesty, fairness and mutual trust. Relations with governments and local communities ABC Organization’s performance over the long-term depends on sensitivity to local customs and conventions governing business relationships, and a commitment to make a positive contribution the sustainable development of the communities in which we work. The ABC Organization will consider ways of supporting communities in which it operates through charitable and educational activities and contributions (made within policies set by the board of directors). The ABC Organization will minimize any harmful effects of our operations on the natural environment and finite resources. In doing so, we will set out environmental quality standards which are desirable and attainable and comply fully with all relevant environmental legislation. If you have questions about this code of conduct or concern about a co-worker’s conduct, first contact your manager. If you do not feel comfortable doing that, contact one of these other organizational resources:

• Human Resources Department

• Compliance Department

• Legal Department

• Audit Committee.


27

Appendix B: Values-Based Principles in Public Life – An Example The UK-based standing Committee on Standards in Public Life is an example of how a values-based code of conduct can be developed for the public sector. Formerly known as “The Nolan Principles of Public Life,” the website http://www.public-standards.gov.uk/ provides information on the continuing evolution of this important activity. The Committee has set out “Seven Principles of Public Life” that it believes should apply to all in the public service. These are:

Selflessness

Holders of public office should act solely in terms of the public interest. They should not do so in order to gain financial or other benefits for themselves, their family or their friends.

Integrity

Holders of public office should not place themselves under any financial or other obligation to outside individuals or organizations that might seek to influence them in the performance of their official duties.

Objectivity

In carrying out public business, including making public appointments, awarding contracts, or recommending individuals for rewards and benefits, holders of public office should make choices on merit.

Accountability

Holders of public office are accountable for their decisions and actions, to the public and must submit themselves to whatever scrutiny is appropriate to their office.

Openness

Holders of public office should be as open as possible about all the decisions and actions that they take. They should give reasons for their decisions, and restrict information only when the wider public interest clearly demands.

Honesty

Holders of public office have a duty to declare any private interests relating to their public duties, and to take steps to resolve any conflicts arising in a way that protects the public interest.

Leadership

Holders of public office should promote and support these principles by leadership and example.


28

Appendix C: External Conduct Guidelines and Legal Standards A more wide-ranging list of external conduct guidelines and legal standards can be found at various websites and including the Business for Social Responsibility website www.bsr.org. Examples of legal standards US Federal Sentencing Guidelines: Developed in 1991 and updated in 1995 and 2002, these guidelines provide specific rules to US private, public and not-for-profit sector-based organizations for preventing, detecting, and reporting criminal conduct. www.ussc.gov/guidelin.htm Foreign Corrupt Practices Act: First passed in 1977 and amended in 1988 and 1998, this Act applies to US citizens and organizations around the world, and to non-US companies listed on the New York Stock Exchange. It makes it a federal offense to give anything of value to foreign officials, political parties, or candidates for public office to obtain a contract. OECD Convention on Combating Bribery of Foreign Public Officials: Signed by 29 OECD members and five non-members at the time it was enforced in 1999, this Convention’s provisions deal with bribery in procurement with governments and environmental issues. This Convention has led to new and enhanced laws in many OECD countries. For example, the European Union has agreed new rules to deal with corruption, money laundering and smuggling. Examples of voluntary standards

OECD Guidelines for Multinational Enterprises

The Global Sullivan Principles

International Labour Organisation Conventions

Universal Declaration of Human Rights

Principles for Global Corporate Responsibility

Caux Principles for Business

Global Reporting Initiative Examples of industry specific standards

Defense Industry Initiative on Business Ethics and Conduct

International Council of Toy Industries


29

Customers General Business Activity

Quality, Performance, Trustworthiness

Quality, Service Commitments

Supplier General Business

Activity Lenders

Remuneration, Fair Employment Practices,

etc.

Employees’ Personal Lives

Economic and Social Impact

Community Overall

Community Life Government Taxpayers

An Organization’sBasic Activities

ROI Investors/creditors

Personal/ Institutional Finances

Appendix D: A Graphic Representation of Key Stakeholders and Their Primary Areas of Concern There are several overlaps and interdependencies between stakeholder groups that the diagram does not highlight, for example between employees on the one hand, and the community and the concept of corporate citizenship on the other.


30

Appendix E: Resources This list of resources is a brief selection of many available resources on this topic and is not intended to be exhaustive. Use the IFAC KnowledgeNet at www.ifacnet.com to search IFAC and many of its member body websites.

• Center for the Study of Ethics in the Professions, Illinois Institute of Technology, Codes of Ethics online

• Center for Business Ethics at Bentley College

• The Conference Board

• Ethics Resource Center

• Group of 100

• International Labour Organisation

• Institute of Business Ethics Publications

• International Federation of Accountants Code of Ethics for Professional Accountants (2005):

• CMA Canada (Management Accounting Practices publication), Ethics Control Systems

• The Institute of Internal Auditors internal auditing practice advisories, The Role of the Internal Audit Activity in the Ethical Culture of an Organization

• OECD (2001), Codes of Corporate Conduct, An Expanded Review of their Contents

• World Bank (2003 and 2004), Company Codes of Conduct and international standards: an analytical comparison, Part I: Apparel, Footwear and Light Manufacturing, Agribusiness and Tourism; Part II: Oil and Gas, Mining

• Verschoor C (2007), Ethics and Compliance: Challenges for Internal Auditing, The IIA Research Foundation, ISBN 978 0 89413 612 2

• Dando N & Raven W (2006), Living up to our Values, Developing Ethical Assurance, The Institute of Business Ethics, ISBN 09539517 8 2

• Gebler D (2006), Creating an ethical culture, Values-based ethics programs can help employees judge right from wrong, Strategic Finance

• Paine L & Margolis JD (2005), Up to the Code: Does Your Company’s Conduct Meet World-Class Standards?, Harvard Business Review

• Webley S (2003), Developing a Code of Business Ethics, The Institute of Business Ethics ISBN 0 9539517 4 – includes references to codes available on company websites

• Driscoll D & Hoffman W M (2000), Ethics Matters, How to Implement Values-Driven Management, Center for Business Ethics, Bentley ISBN 0 9675514 0 4

INTERNATIONAL FEDERATION OF ACCOUNTANTS PAIB COMMITTEE MEMBERSHIP 2007

Country Representative Technical Advisor(s)

Hong Kong, China Edward Chow (Chair) Chew Fook Aun/ Patricia McBride

United Kingdom Chris Jackson (Deputy Chair)

Australia Lance Balcombe Bill Palmer

Canada Bill Langdon

France Patrick Rochet Henri Giot

India Rajkumar Adukia

Ireland Brian Kearney Kieran Lyons

Korea Lee-seok Hwang

Malaysia Yeo Tek Ling Marini Abu Bakar/ Ibrahim Kamal Abdul

Netherlands Henri Van Horn

Nigeria Catherine Okpareke

Pakistan Muhammad Nara

Poland Zbigniew Bak Roger Adams

South Africa Alfred Ramosedi Richard Mallett

United Kingdom Keith Luck

United Kingdom Roger Tabor Tom Lewis

United States Eileen Morrissey John Morrow

United States Brad Kaplan Priscilla Payne

IFAC Stathis Gould

IFAC Vincent Tophoff

questionnaire regarding corporate governance …

Documents